An example of viewing assembly code with gdb

Steps

  1. Start the executable under gdb: gdb executable_file
  2. Set a breakpoint in gdb: break function_name or break *memory_address
  3. Run the program: run
  4. When the program stops at the breakpoint, use the disassemble command to view the assembly code:
  • Assembly of the current function: disassemble
  • Assembly at a given address: disassemble memory_address
  • Assembly for an address range within the current function: disassemble start_address,end_address
  • Source location of a given instruction in the current function: list *instruction_address

Note: if you are on an Intel-architecture processor, you can switch the assembly syntax to Intel format with the gdb command set disassembly-flavor intel. By default, assembly is shown in AT&T format.
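The four steps above, together with the Intel-syntax switch from the note, can also be driven non-interactively with gdb -batch and the dump post-processed. The following Python is an added example, not part of the original page: disassemble() assumes gdb is on PATH, while parse_dump() and callees() only need text in the "Dump of assembler code" format shown in the sessions below (SAMPLE is constructed from that format).

```python
import re
import shutil
import subprocess
from typing import NamedTuple

class Insn(NamedTuple):
    address: int    # absolute address printed by gdb
    offset: int     # <+N> offset from the start of the function
    mnemonic: str
    operands: str

# One dump line, e.g. "   0x00000000000011a9 <+32>:    callq  0x112d <add>"
# (gdb prefixes the current instruction with "=>" when the program is stopped)
_LINE = re.compile(r"^\s*(?:=>)?\s*0x([0-9a-f]+)\s+<\+(\d+)>:\s+(\S+)\s*(.*)$")

def disassemble(binary: str, function: str, intel: bool = False) -> str:
    """Steps 1-4 without an interactive session: load the binary in gdb,
    optionally switch to Intel syntax, and dump one function's assembly.
    Symbols are resolved from the file, so no breakpoint or run is needed."""
    if shutil.which("gdb") is None:
        raise RuntimeError("gdb not found on PATH")
    cmds = ["-ex", "set disassembly-flavor intel"] if intel else []
    cmds += ["-ex", f"disassemble {function}"]
    out = subprocess.run(["gdb", "-batch", "-nx", *cmds, binary],
                         capture_output=True, text=True, check=True)
    return out.stdout

def parse_dump(text: str) -> list[Insn]:
    """Turn a 'Dump of assembler code' block into structured instructions."""
    insns = []
    for line in text.splitlines():
        m = _LINE.match(line)
        if m:
            insns.append(Insn(int(m[1], 16), int(m[2]), m[3], m[4].strip()))
    return insns

_CALL_MNEMONICS = {"call", "callq", "bl", "blr"}  # x86 AT&T and arm64 forms

def callees(insns: list[Insn]) -> list[str]:
    """Names of the functions called, e.g. ['add'] for main on this page."""
    names = []
    for i in insns:
        if i.mnemonic in _CALL_MNEMONICS:
            m = re.search(r"<([^>+]+)", i.operands)  # "<add>" or "<add+4>"
            if m:
                names.append(m[1])
    return names

# Constructed sample in gdb's format (a shortened x86 dump of main).
SAMPLE = """Dump of assembler code for function main:
   0x0000000000001189 <+0>:     push   %rbp
   0x00000000000011a9 <+32>:    callq  0x112d <add>
   0x00000000000011ae <+37>:    mov    %eax,-0xc(%rbp)
End of assembler dump."""
```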

Example: x86

#include <stdio.h>

int add(int a, int b) {
    return a + b;
}

int main() {
    int a = 10, b = 20;
    int c = add(a, b);
    printf("The sum of %d and %d is %d\n", a, b, c);
    return 0;
}

You can now use gdb to view the program's assembly code. Here is a sample gdb session:

$ gdb test
(gdb) break main
Breakpoint 1 at 0x1189: file test.c, line 9.
(gdb) run
Starting program: /path/to/test 

Breakpoint 1, main () at test.c:9
9       int a = 10, b = 20;

(gdb) disassemble add
Dump of assembler code for function add:
   0x000000000000112d <+0>:     push   %rbp
   0x000000000000112e <+1>:     mov    %rsp,%rbp
   0x0000000000001131 <+4>:     mov    %edi,-0x4(%rbp)
   0x0000000000001134 <+7>:     mov    %esi,-0x8(%rbp)
   0x0000000000001137 <+10>:    mov    -0x8(%rbp),%eax
   0x000000000000113a <+13>:    add    -0x4(%rbp),%eax
   0x000000000000113d <+16>:    pop    %rbp
   0x000000000000113e <+17>:    retq   
End of assembler dump.
(gdb) disassemble main
Dump of assembler code for function main:
   0x0000000000001189 <+0>:     push   %rbp
   0x000000000000118a <+1>:     mov    %rsp,%rbp
   0x000000000000118d <+4>:     sub    $0x10,%rsp
   0x0000000000001191 <+8>:     movl   $0xa,-0x4(%rbp)
   0x0000000000001198 <+15>:    movl   $0x14,-0x8(%rbp)
   0x000000000000119f <+22>:    mov    -0x8(%rbp),%edx
   0x00000000000011a2 <+25>:    mov    -0x4(%rbp),%eax
   0x00000000000011a5 <+28>:    mov    %edx,%esi
   0x00000000000011a7 <+30>:    mov    %eax,%edi
   0x00000000000011a9 <+32>:    callq  0x112d <add>
   0x00000000000011ae <+37>:    mov    %eax,-0xc(%rbp)
   0x00000000000011b1 <+40>:    mov    -0x4(%rbp),%eax

Example: arm64

#include <stdio.h>

int add(int a, int b) {
    return a + b;
}

int main() {
    int a = 10, b = 20;
    int c = add(a, b);
    printf("The sum of %d and %d is %d\n", a, b, c);
    return 0;
}

Assume the program is saved as test.c and compiled into an executable with the following command:

aarch64-linux-gnu-gcc -g -o test test.c

You can now use gdb to view the program's assembly code. Here is a sample gdb session:

$ aarch64-linux-gnu-gdb test
(gdb) break main
Breakpoint 1 at 0x40068c: file test.c, line 9.
(gdb) run
Starting program: /path/to/test 

Breakpoint 1, main () at test.c:9
9       int a = 10, b = 20;

(gdb) disassemble add
Dump of assembler code for function add:
   0x0000000000400664 <+0>:     stp    x29, x30, [sp, #-16]!
   0x0000000000400668 <+4>:     mov    x29, sp
   0x000000000040066c <+8>:     str    w0, [sp, #8]
   0x0000000000400670 <+12>:    str    w1, [sp, #4]
   0x0000000000400674 <+16>:    ldr    w0, [sp, #8]
   0x0000000000400678 <+20>:    ldr    w1, [sp, #4]
   0x000000000040067c <+24>:    add    w0, w0, w1
   0x0000000000400680 <+28>:    mov    sp, x29
   0x0000000000400684 <+32>:    ldp    x29, x30, [sp], #16
   0x0000000000400688 <+36>:    ret
End of assembler dump.
(gdb) disassemble main
Dump of assembler code for function main:
   0x000000000040068c <+0>:     stp    x29, x30, [sp, #-16]!
   0x0000000000400690 <+4>:     mov    x29, sp
   0x0000000000400694 <+8>:     mov    w1, #20
   0x0000000000400698 <+12>:    mov    w0, #10
   0x000000000040069c <+16>:    bl     0x400664 <add>
   0x00000000004006a0 <+20>:    str    w0, [sp, #4]
   0x00000000004006a4 <+24>:    ldr    w0, [sp, #4]
   0x00000000004006a8 <+28>:    mov    w1, #20
   0x00000000004006ac <+32>:    mov    w2, #10